Earl Warren
82395a1f72
Refs: https://codeberg.org/forgejo/forgejo/issues/2051 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2053 Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org> (cherry picked from commit 01abf4d505b092886ed22cdb903ec834061cd7d6) [CI] Forgejo Actions based release process (squash) no ownca The private Forgejo instance trusted with the release signing keys no longer requires the installation of the ownca certificate authority. Refs: https://codeberg.org/forgejo/docs/pulls/338 (cherry picked from commit 72f9ae796d7d7328e87129485e83251708f3d2fb) (cherry picked from commit b0ca4236d76bcc24dfeecba54b602af542355c7d) (cherry picked from commit 81619cf8b5e1650eeb8cb315ee7fa70d0c2d82ba) (cherry picked from commit 2cb32c1a2bd1dd58bb51b81b06e5453608cf0b5d) (cherry picked from commit f817d97f85fff41392ff3017245b80a3ab73cf8a) (cherry picked from commit 7499661326231f5f353c977546f57787a130346f)
100 lines
3.8 KiB
YAML
100 lines
3.8 KiB
YAML
name: Integration tests for the release process
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- Makefile
|
|
- Dockerfile
|
|
- Dockerfile.rootless
|
|
- docker/**
|
|
- .forgejo/workflows/build-release.yml
|
|
- .forgejo/workflows/build-release-integration.yml
|
|
|
|
jobs:
|
|
release-simulation:
|
|
if: ${{ !startsWith(vars.ROLE, 'forgejo-') }}
|
|
runs-on: self-hosted
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- id: forgejo
|
|
uses: https://code.forgejo.org/actions/setup-forgejo@v1
|
|
with:
|
|
user: root
|
|
password: admin1234
|
|
image-version: 1.21
|
|
lxc-ip-prefix: 10.0.9
|
|
|
|
- name: publish the forgejo release
|
|
run: |
|
|
set -x
|
|
|
|
version=1.2.3
|
|
cat > /etc/docker/daemon.json <<EOF
|
|
{
|
|
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
|
|
}
|
|
EOF
|
|
systemctl restart docker
|
|
|
|
apt-get install -qq -y xz-utils
|
|
|
|
dir=$(mktemp -d)
|
|
trap "rm -fr $dir" EXIT
|
|
|
|
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
|
|
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
|
|
|
|
#
|
|
# Create a new project with a fake forgejo and the release workflow only
|
|
#
|
|
cp -a .forgejo/testdata/build-release/* $dir
|
|
mkdir -p $dir/.forgejo/workflows
|
|
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
|
|
cp $dir/Dockerfile $dir/Dockerfile.rootless
|
|
|
|
forgejo-test-helper.sh push $dir $url root forgejo
|
|
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
|
|
|
|
#
|
|
# Push a tag to trigger the release workflow and wait for it to complete
|
|
#
|
|
forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
|
|
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN
|
|
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER
|
|
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
|
|
|
|
#
|
|
# uncomment to see the logs even when everything is reported to be working ok
|
|
#
|
|
#cat $FORGEJO_RUNNER_LOGS
|
|
|
|
#
|
|
# Minimal sanity checks. e2e test is for the setup-forgejo
|
|
# action and the infrastructure playbook. Since the binary
|
|
# is a script shell it does not test the sanity of the cross
|
|
# build, only the sanity of the naming of the binaries.
|
|
#
|
|
for arch in amd64 arm64 arm-6 ; do
|
|
binary=forgejo-$version-linux-$arch
|
|
for suffix in '' '.xz' ; do
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
|
|
if test "$suffix" = .xz ; then
|
|
unxz --keep $binary$suffix
|
|
fi
|
|
chmod +x $binary
|
|
./$binary --version | grep $version
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
|
|
shasum -a 256 --check $binary$suffix.sha256
|
|
rm $binary$suffix
|
|
done
|
|
done
|
|
|
|
sources=forgejo-src-$version.tar.gz
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
|
|
shasum -a 256 --check $sources.sha256
|
|
|
|
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
|
|
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless
|